Skip to main content

Free download XSS SHELL v0.3.8

XSS SHELL v0.3.8

WHAT IS XSS SHELL ?
XSS Shell is powerful a XSS backdoor and zombie manager. This concept first presented by "XSS-Proxy - http://xss-proxy.sourceforge.net/ ". Normally in XSS attacks attacker has one shot, in XSS Shell you can interactively send requests and get responses from victim. you can backdoor the page. 



You can steal basic auth, you can bypass IP restrictions in administration panels, you can DDoS some systems with a permanent XSS vulnerability etc. Attack possibilities are limited with ideas. Basically this tool demonstrates that you can do more with XSS.

FEATURES
XSS Shell has several features to gain whole access over victim. Also you can simply add your own commands. 


Most of the features can enable or disabled from configuration or can be tweaked from source code.


Features;
- Regenerating Pages
- This is one of the key and advanced features of XSS Shell. XSS Shell re-renders the infected page and keep user in virtual environment. Thus even user click any links in the infected page he or she will be still under control! (within cross-domain restrictions) In normal XSS attacks when user leaves the page you can't do anything.
- Secondly this feature keeps the session open so even victim follow an outside link from infected page session is not going to timeout and you will be still in charge.
- Keylogger
- Mouse Logger (click points + current DOM)


Built-in Commands;
- Get Keylogger Data
- Get Current Page (Current rendered DOM / like screenshot)
- Get Cookie
- Execute supplied javaScript (eval)
- Get Clipboard (IE only)
- Get internal IP address (Firefox + JVM only)
- Check victim's visited URL history
- DDoS
- Force to Crash victim's browser

INSTALL
XSS Shell uses ASP + MS Access database as backend but you can simply port them into any other server-side solution. You just need to stick with simple communication protocol.




Install Admin Interface;


1. Copy "xssshell" folder into your web server
2. Copy "db" to a secure place (below root)
3. Configure "database path" from "xssshell/db.asp"
4. Modify hard coded password in db.asp [default password is : w00t]
5. Now you can access admin interface from something like http://[YOURHOST]/xssshell/




Configure XSS Shell for communication;
1. Open xssshell.asp
2. Set "SERVER" variable to where your XSSShell folder is located. i.e: "http://[YOURHOST]/xssshell/";
3. Be sure to check "ME", "CONNECTOR", "COMMANDS_URL" variables. If you changed filenames, folder names or some kind of different configuration you need modify them.


Now open your admin interface from your browser,
To test it, just modify "sample_victim/default.asp" source code and replace "http://attacker:81/release/xssshell.js" URL with your own XSS Shell URL. Open "sample_victim" folder in some other browser and may be upload in to some other server.


Now you should see a zombie in admin interface. Just write something into "parameters" textarea and click "alert()". You should see an alert message in victim's browser. 

SECURITY NOTES
- As a hunter be careful about possible "Backfire" in getSelfHTML(). Someone can hack you back or track you by another XSS or XSS Shell attack.
- Checkout "showdata.asp" and implement your own "filter()" function to make it safer for you.


- Put "On error resume next" to db.asp, better modify your web server to not show any error.

HOW CAN YOU EXTEND?
First implement it to xssshell.asp
1) Add new enum for your control
- Set a name and unique number like "CMD_GETCOOKIE"
- var CMD_SAMPLE = 78;
- Set datatype for your response (generally TEXT), 
- dataTypes[CMD_SAMPLE] = TEXT;
2) Write your function and add it to page
- function cmdSample(){return "yeah working !"}
3) Call it
- Go inside to "function processGivenCommand(cmd)"
- Add a new case like "case CMD_SAMPLE:"
4) Report it back
- Inside the case call log;
"log(cmdSample(), dataTypes[cmd.cmd], cmd.attackID, "waitAndRun()");"
Secondly Implement it to admin interface;
- In db.asp just add a new element to "Commands" array (command name, command unique number, description). 
i.e. "cmdSample()",78,"Command sample ! Just returns a message"




There are parameters and lots of helper in the code. Check out other commands for reference. 
Enable debug feature to debug your new commands easily.

KNOWN BUGS;
- Keylogger is not working on IE
- Possibly not going to work for framed pages because of frame regeneration.
- Not working on Konqueror

Password: hackingtricks
Download Here:

Comments

Popular posts from this blog

How to find who is invisible or blocked you on Google Gtalk

So guys are you ready to know that which of your friend has blocked you on google talk. Whenever you noticed a contact in your Gtalk/Google Talk has not been online for some time, have it ever crossed your mind you’ve been blocked? If you are curious in finding out who actually blocked you in Gtalk, here’s a workaround you can try. This following method we attempt to show make use of a chat client call Pidgin. STEPS TO FIND WHO IS INVISIBLE OR BLOCKED YOU ON GOOGLE CHAT: 1. Download, Install Pidgin Click here to download Pidgin chat client. If you already have Pidgin installed, you may skip this step. 2. Configure Pidgin for GtalkYou’ll probably start with the below screen. Click the Add button. "Accounts -> Manage Account" will also bring you to the same screen. Let’s add Gtalk to Pidgin. Configure Pidgin Welcome Screen Clicking Add will allow you to add new Gtalk account. The following two screenshots show what you need to fill up for Basic and Advance tab, pay...

Secrets, Hints, Tips, And Tricks To Succeed In FarmVille on Facebook

12 days ago, I happened to look over someone's shoulder when they had FarmVille open. Before then, I had brushed it off as another lame community game I didn't have time for. It was at that time that I actually saw the game being played and decided to give it a shot. Over the last 12 days, I've been so successful at the game that I felt I just had to share some of what helped me rocket past many of my Facebook friends in the game. Grab a notepad or fire up the printer, because I have some great tips and tricks to help you do as well as I am in FarmVille. Just to prove my point, here's a screen shot of my farm from just minutes ago. Not bad for 12 days. Get some friends Yeah yeah. You have a lot of friends. But are they playing FarmVille? Some things (like acquiring more land) require certain amounts of friends. Make sure you engage some of your friends to be your FarmVille neighbors. If, like me, you don't want to spam people who hate all the...

How Adsense Changed the Internet

Ever since Google came up with the master idea that is AdSense, the web has transformed in a variety of ways no one would have ever suspected. Some of these are good changes others aren't. This is a small exploration of how a brilliant marketing scheme has taken the web by storm. It deals with the changes advertisers and publishers and even website visitors have undergone ever since AdSense has become a daily part of our on-line lives. Even before AdSense came out a lot of people were advertising through AdWords. It ensured a lot of publicity through getting your site listed at the top in Google search queries. It took away a lot of the pain and price of SEO and the large amount of time you had to wait until you were finally on top. It made launching a website, a realistic way to instant profitability instead of a long term strategy with no immediate returns. Through the use of AdSense, the possibility appeared of having your ads appear on just about any site on the Internet that h...